MacOS – How to forward local DNS queries to a VM when macOS is in offline mode

macosNetwork

For a project I need to intercept/redirect DNS queries to a VM, which in turn runs dnsmasq. This VM is hosted by xhyve and when connected to the network, the setup works well; I have an file in /etc/resolver.conf/test.io which has:

nameserver 192.168.64.20
search_order 1

Doing dig node.test.io @192.168.64.20 or dig node.test.io give the expected results.

But when going offline, there is a problem. It seems that when macOS is not connected to a network, it only allows /etc/resolver.conf/* entries to work when they use 127.0.0.1.

I tried setting up a port-forwarding, like:

$ echo "                           
rdr pass inet proto udp from any to 127.0.0.1 port 53 -> 192.168.64.20 port 53
" | sudo pfctl -ef -

and changing /etc/resolver.conf/test.io to:

nameserver 127.0.0.1
search_order 1

However, the domain test.io can not be found when I try to do a nslookup or dig node.test.io @localhost. The VM is still reachable as dig node.test.io @192.168.64.20 still gets resolved.

scutil --dns gives the following:

resolver #9
  domain   : test.io
  nameserver[0] : 127.0.0.1
  flags    : Request A records, Request AAAA records
  reach    : 0x00030002 (Reachable,Local Address,Directly Reachable Address)
  order    : 1

Note: nslookup does not seem to handle resolver well, so I have also tried to use curl/wget and the browser to see if queries got resolved correctly. Also, no difference with dns-sd. All failed…

Best Answer

In disconnected mode there is no DNS query going at all... We solved this by adding a TUN/TAP device to the macOS node and 'pretend' with this that it is connected.

Related Solutions

MacOS – Local DNS server access delays

If you have 127.0.0.1 localhost in /etc/hosts you also need to add a ::1 localhost line.

You may find that the delay has something to do with resolving the name 'localhost'. If you use 127.0.0.1 instead, the delay should be reduced to milliseconds.

$ time dig @127.0.0.1 muc.de

;; Query time: 10 msec

real 0m0.029s user 0m0.007s sys 0m0.005s

I don't know where the resolution of 'localhost' occurs or why it takes such a long time, but I guess it doesn't really matter...

MacOS – Do /etc/resolver/ files work in Mountain Lion for DNS resolution

This question seems a bit old, but I'm going to answer it anyways as I had a similar problem:

Yes, this works.

Your first problem is that you obviously have the wrong IP (8.8.8.8 instead of 203.12.160.35) in /etc/resolver/apple.com. Verify that the contents of this file is really:

nameserver 203.12.160.35

Then scutil --dns should have an entry like this:

resolver #8
  domain   : apple.com
  nameserver[0] : 203.12.160.35

The second problem is that you tried to verify it using nslookup which does not use the DNS resolution mechanisms of OS X. If you look at the man page of nslookup you will find this:

Mac OS X NOTICE
   The nslookup command does not use the host name and address resolution or the DNS 
   query routing mechanisms used by other processes running on Mac OS X.  The results of 
   name or address queries printed by nslookup may differ from those found by other
   processes that use the Mac OS X native name and address resolution mechanisms. The 
   results of DNS queries may also differ from queries that use the Mac OS X DNS routing 
   library.

To check your DNS config you could do

dns-sd -G v4 images.apple.com

and verify if it yields the same IP as

nslookup images.apple.com 203.12.160.35

Best Answer

Related Solutions

MacOS – Local DNS server access delays

MacOS – Do /etc/resolver/ files work in Mountain Lion for DNS resolution

Related Question